Page 4 of 33 results (0.007 seconds)

CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 4

CVE-2015-1338 – Apport 2.19 (Ubuntu 15.04) - Local Privilege Escalation

https://notcve.org/view.php?id=CVE-2015-1338

24 Sep 2015 — kernel_crashdump in Apport before 2.19 allows local users to cause a denial of service (disk consumption) or possibly gain privileges via a (1) symlink or (2) hard link attack on /var/crash/vmcore.log. kernel_crashdump en Apport en versiones anteriores a 2.19, permite a usuarios locales provocar una denegación de servicio (consumo de disco) o posiblemente obtener privilegios a través de un ataque de enlace (1) simbólico o (2) duro en /var/crash/vmcore.log. Halfdog discovered that Apport incorrectly handled ... • https://packetstorm.news/files/id/133723 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVSS: 7.8EPSS: 0%CPEs: 18EXPL: 7

CVE-2015-1318 – Apport 2.14.1 (Ubuntu 14.04.2) - Local Privilege Escalation

https://notcve.org/view.php?id=CVE-2015-1318

14 Apr 2015 — The crash reporting feature in Apport 2.13 through 2.17.x before 2.17.1 allows local users to gain privileges via a crafted usr/share/apport/apport file in a namespace (container). La característica de informes de caídas en Apport 2.13 hasta 2.17.x anterior a 2.17.1 permite a usuarios locales ganar privilegios a través de un fichero usr/share/apport/apport manipulado en un espacio de nombre (contenedor). Apport incorrectly handled the crash reporting feature. A local attacker could use this issue to gain el... • https://packetstorm.news/files/id/146235 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 1

CVE-2009-1295

https://notcve.org/view.php?id=CVE-2009-1295

30 Apr 2009 — Apport before 0.108.4 on Ubuntu 8.04 LTS, before 0.119.2 on Ubuntu 8.10, and before 1.0-0ubuntu5.2 on Ubuntu 9.04 does not properly remove files from the application's crash-report directory, which allows local users to delete arbitrary files via unspecified vectors. Apport anterior a v0.108.4 en Ubuntu v8.04 LTS, antes de v0.119.2 en Ubuntu v8.10, y antes de v1.0-0ubuntu5.2 en Ubuntu v9.04 no elimina adecuadamente los archivos del directorio crash-report,lo cual permite a los usuarios locales borrar archiv... • http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html • CWE-16: Configuration •